Skip to main content
Version: TeamForge 24.1

TeamForge 24.1 Update 3 Release Notes

Release Information

VersionReleased On
GA Version: 24.1.0.146Jan 31, 2025
Update 1: 24.1.0.157Jul 25, 2025
Update 2: 24.1.0.166Nov 13, 2025
Update 3: 24.1.0.167Apr 29, 2026

Issues Fixed in TeamForge 24.1 Update 3 Release

  • Addressed multiple grey box security findings reported for ALM. Improvements include stronger input validation, enhanced Content Security Policy (CSP) controls, added protections against automated form abuse, and improved session management for concurrent user access.
  • Delivered a consolidated hotfix package that combines previously released post-Update 2 fixes into a single RPM. The package includes security fixes, document review behavior updates, User-Role Matrix search corrections, long file name document download fixes, and related upload handling improvements.
  • Fixed a security issue where insufficient input sanitization could allow HTML injection and stored cross-site scripting (XSS) through user-supplied content. Validation and output encoding controls have been strengthened to prevent unsafe content from being rendered in the browser.
  • Fixed an issue where documents with long file names could not be downloaded successfully. Document title length restrictions were updated, and download handling was improved to support longer file names reliably.
  • Fixed an issue where search results did not display users on the User-Role Matrix page when filtering by user name. User searches on the matrix page now return results correctly.

https://forge.collab.net/sf/go/artf439426

  • Restored the previous Document Review required reviewer behavior. Document reviews can now be closed after at least one required reviewer has provided a comment.
  • Fixed a security issue where insufficient validation of user-supplied input could allow unsafe content to be submitted through crafted URLs or form inputs. Input validation and output encoding have been strengthened to prevent malicious content from being executed in the browser.

Apply Teamforge 24.1 Update 3

Teamforge 24.1 Update 3 is now available. Apply Teamforge 24.1 Update 3 on your site if you are on Teamforge 24.1.

TeamForge add-on packages can remain installed when you apply Teamforge 24.1 Update 3. No updates are required. However, you should verify the compatibility of Add-ons applied to your site as some may be more specific to your site.
If you have any questions regarding compatibility or updating a specific add-on, contact Digital.ai Support.

important

You must log in as a root user to apply Teamforge 24.1 Update 3.

  1. Stop TeamForge.

    note

    Stop TeamForge on all the servers in a distributed setup.

    teamforge stop

  2. Skip this step if your site has internet access. This step is to configure Teamforge 24.1 Update 3 installation repository on sites without Internet access.

    a. Contact the Digital.ai Support to get the auxiliary installer package for Teamforge 24.1 Update 3 disconnected installation and save it in /tmp.

    • Red Hat Enterprise Linux 8.10 64 bit RPM package: CTF-Disconnected-media-24.1.0.157-206.rhel8.x86_64.rpm

    b. Back up the old repo file.

    For example:

    mv /etc/yum.repos.d/CTF-Disconnected-media-24.1.0.157.repo /etc/yum.repos.d/CTF-Disconnected-media-24.1.0.157.repo.cn_backup

    c. Unpack the 24.1 Update 3 disconnected installation package.

    rpm -Uvh <package-name>

    d. Verify your yum configuration files.

    yum list httpd
    yum list apr

  3. Configure your TeamForge installation repository. This step is to configure Teamforge 24.1 Update 3 installation repository on sites with Internet access.

    a. Remove the existing TeamForge repository package.

    yum erase collabnet-teamforge-repo-24.1-0.noarch

    b. Contact the Digital.ai Support and download the Teamforge 24.1 Update 3 installation repository package to /tmp.

    c. Install the Teamforge 24.1 Update 3 installation repository package.

    yum install -y /tmp/collabnet-teamforge-repo-24.1-0.noarch.rpm

    d. Refresh your repository cache.

    yum clean all

  4. Install the Teamforge 24.1 Update 3.

    yum install teamforge

    The above command installs all the TeamForge updates available in the CollabNet yum repository for Teamforge 24.1.

  5. Check the /opt/collabnet/teamforge/var/scm/gerrit/gitroot directory. If it is empty, remove it manually.

    rm -rf gitroot

  6. Deploy services.

    teamforge provision

  7. Update file permissions on your site's data.

    important

    Do this if and only if you are upgrading from TeamForge 17.1 (or earlier) to 24.1 on a new hardware.

    teamforge apply-permissions
    note

    This process can take a long time on sites with a lot of data.

  8. Restart TeamForge.

    teamforge restart